apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  annotations:
    openshift.io/description: Allows ssh-pod to read nodes and machineconfigs
  name: ssh-bastion
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: ssh-bastion
subjects:
- apiGroup: rbac.authorization.k8s.io
  kind: User
  name: system:serviceaccount:byoh-ssh-bastion:ssh-bastion